Search Results

OAuth Cookies

If OAuth is being used, when the user (resource owner) authenticates with the authentication server, the platform generates an OAuthToken_{OAuthProviderName} cookie. This cookie identifies the logged-in user and the specific roles associated with the user. The app then uses this cookie in subsequent requests to the platform's OAuth Provider, for session management and grant administration, until grant authorization is complete. For non-browser scenarios, the app must save this cookie and include it in every request.

Below is an example of an OAuthToken_{OAuthProviderName} cookie returned by the POST /oauth/login/renewToken operation in the Set-Cookie header. Line breaks have been added for display reasons.